20 matches found
Astra Linux - уязвимость в chromium
Inappropriate implementation in the Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data through a crafted Chrome Extension. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2023-6859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox...
SUSE CVE-2024-1060
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome version 121.0.6167.85 and prior versions due to an improper implementation in the Extensions API. An attacker can exploit the vulnerability to bypass security restrictions...
CentOS 8 : thunderbird (CESA-2024:0003)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0003 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not...
Mozilla Firefox Security Advisories (MFSA2023-53, MFSA2023-56) - Mac OS X
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Mozilla Firefox Security Advisories (MFSA2023-53, MFSA2023-56) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox 121...
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox 121...
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox 121...
Design/Logic Flaw
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox 121...
CVE-2023-6871
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox 121...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 121, which stems from allowing untrustworthy content to be displayed under the name of trusted content...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 121, which stems from a user-agent that allows unauthorized attackers to send null messages...
WordPress Simple URLs Plugin <= 120 is vulnerable to Cross Site Request Forgery (CSRF)
Software Simple URLs Type Plugin Vulnerable versions = 120 Fixed in 121 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45606 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d8dcb8acc03a Credits Mika Required privilege...
Cobham Sea Tel Information Disclosure Vulnerability (CNVD-2018-03967)
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can exploit this vulnerability by sending a /cgi-bin/getSysStatus request to obtain sensitive information...
Cobham Sea Tel Information Disclosure Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. An attacker can exploit this vulnerability by reading the loginName line in the js/userLogin.js URI to obtain sensitive...
Moderate: Red Hat Security Advisory: java-1.6.0-sun security update
An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...
Seditio CMS <= v121 (pfs.php) Remote File Upload Vulnerability
Exploit for unknown platform in category web applications ============================================================== Seditio CMS = v121 pfs.php Remote File Upload Vulnerability ============================================================== Seditio CMS Remote File Upload Vulnerability ReSearch...